Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/d5dd1a-7b59-4435-abdf-28d0f202e36d/1/jOQLtEEwuaanGx9WUmP6_HxVAmQ.roa
File: jOQLtEEwuaanGx9WUmP6_HxVAmQ.roa (raw, json)
Hash identifier: PIKD668A/NH5tA1UZ5lxqtOh3kNokC8ELipfzac696M=
Subject key identifier: 8C:E4:0B:B4:41:30:B9:A6:A7:1B:1F:56:52:63:FA:FC:7C:55:02:64
Certificate issuer: /CN=509f391f29d92078ba6e2c76faa2f8ae947343e6
Certificate serial: 01856CE62DC260C6C3343C023D82E936668E
Authority key identifier: 50:9F:39:1F:29:D9:20:78:BA:6E:2C:76:FA:A2:F8:AE:94:73:43:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJ85HynZIHi6bix2-qL4rpRzQ-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/d5dd1a-7b59-4435-abdf-28d0f202e36d/1/jOQLtEEwuaanGx9WUmP6_HxVAmQ.roa
Signing time: Sun 01 Jan 2023 10:35:02 +0000
ROA not before: Sun 01 Jan 2023 10:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203568
IP address blocks: 185.130.156.0/24 maxlen: 24
185.130.156.0/22 maxlen: 22
185.214.220.0/22 maxlen: 22
185.214.220.0/24 maxlen: 24
2a07:6a80::/29 maxlen: 29
2a07:6a86::/32 maxlen: 32
2a07:6a82::/31 maxlen: 31
2a0d:d5c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:2d:c2:60:c6:c3:34:3c:02:3d:82:e9:36:66:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509f391f29d92078ba6e2c76faa2f8ae947343e6
Validity
Not Before: Jan 1 10:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ce40bb44130b9a6a71b1f565263fafc7c550264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:57:fb:33:8f:44:11:11:89:50:74:3a:8e:66:
17:d7:8a:90:96:17:01:76:84:90:77:9a:54:58:31:
e5:0b:eb:b7:e9:ca:60:84:3a:a9:28:7d:3d:29:cd:
a5:21:0a:af:e0:d8:91:e6:a1:e8:8c:0c:b9:db:13:
b4:88:2f:0b:d1:0f:b9:fc:55:ba:bd:47:28:4d:a5:
3a:2b:89:a8:57:59:6e:9d:51:67:0b:0e:e3:49:51:
db:f3:a6:fa:fc:cf:e1:8d:c5:7f:7f:c5:40:d6:25:
57:6a:a5:09:ee:7d:1f:dd:42:11:14:56:cb:12:f1:
e9:e5:90:6f:f6:3a:1a:e5:1e:c6:a2:c6:14:99:db:
32:be:34:77:ea:3e:bf:92:79:26:bb:dc:c0:0b:12:
be:47:a2:e8:7f:3e:d8:80:2b:8d:4f:d0:6a:1d:f5:
6a:27:d0:97:5b:9f:91:f6:16:15:46:1a:02:fd:de:
25:7c:cd:8b:9d:51:33:7b:e6:88:cc:48:fe:d6:ba:
d3:7a:8d:ab:19:02:db:77:64:1b:71:29:7f:91:44:
35:44:a6:01:c1:84:db:b1:17:cc:93:65:d1:cb:9c:
2d:f4:3e:93:16:6f:f4:24:6d:a7:ff:75:46:84:94:
12:c4:f8:6d:d3:b4:fc:d9:76:19:62:0b:69:a8:88:
00:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E4:0B:B4:41:30:B9:A6:A7:1B:1F:56:52:63:FA:FC:7C:55:02:64
X509v3 Authority Key Identifier:
keyid:50:9F:39:1F:29:D9:20:78:BA:6E:2C:76:FA:A2:F8:AE:94:73:43:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJ85HynZIHi6bix2-qL4rpRzQ-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/d5dd1a-7b59-4435-abdf-28d0f202e36d/1/jOQLtEEwuaanGx9WUmP6_HxVAmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/d5dd1a-7b59-4435-abdf-28d0f202e36d/1/UJ85HynZIHi6bix2-qL4rpRzQ-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.156.0/22
185.214.220.0/22
IPv6:
2a07:6a80::/29
2a0d:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:3f:2f:80:93:d6:bb:a6:8c:7e:e4:9f:47:ea:44:d1:8a:49:
b8:92:f9:d6:42:d6:a6:13:31:36:8e:89:25:00:e3:6c:4f:db:
0f:08:39:07:c2:d7:e6:bb:be:68:e9:a3:f7:02:03:fb:1d:c9:
b1:bb:39:c0:b1:82:10:66:a1:9d:35:2d:a8:29:93:e5:ed:bb:
17:2a:0a:12:17:32:36:6b:ce:0e:f2:5a:22:3e:bc:94:a6:44:
79:de:b7:c4:66:90:17:12:7f:60:1f:a6:c6:6c:b0:bf:30:43:
2b:2d:52:85:24:73:f1:fa:bd:88:93:cf:8a:e0:4c:64:c4:48:
70:11:26:d1:00:29:b6:a5:da:56:c9:6d:12:60:1f:a8:5a:00:
9d:f2:ae:4b:56:c5:04:dd:e8:1f:51:48:97:1c:7d:76:d2:80:
46:bc:1c:24:40:63:31:69:65:80:e0:e9:0c:37:c3:9e:68:b1:
f9:a7:eb:62:a2:ec:e8:ed:bb:24:82:99:79:21:29:69:df:5b:
28:14:72:59:63:94:ce:a3:af:23:20:db:34:dc:43:49:4e:6a:
50:67:de:1e:a3:44:de:a7:4d:41:84:37:56:99:c8:a6:91:32:
7b:ba:27:af:84:40:29:c3:e4:78:71:4f:e2:de:41:7d:a7:26:
60:c8:2f:ce
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVs5i3CYMbDNDwCPYLpNmaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWYzOTFmMjlkOTIwNzhiYTZlMmM3NmZhYTJmOGFlOTQ3
MzQzZTYwHhcNMjMwMTAxMTAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2U0MGJiNDQxMzBiOWE2YTcxYjFmNTY1MjYzZmFmYzdjNTUwMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlf7M49EERGJUHQ6jmYX14qQlhcB
doSQd5pUWDHlC+u36cpghDqpKH09Kc2lIQqv4NiR5qHojAy52xO0iC8L0Q+5/FW6
vUcoTaU6K4moV1lunVFnCw7jSVHb86b6/M/hjcV/f8VA1iVXaqUJ7n0f3UIRFFbL
EvHp5ZBv9joa5R7GosYUmdsyvjR36j6/knkmu9zACxK+R6Lofz7YgCuNT9BqHfVq
J9CXW5+R9hYVRhoC/d4lfM2LnVEze+aIzEj+1rrTeo2rGQLbd2QbcSl/kUQ1RKYB
wYTbsRfMk2XRy5wt9D6TFm/0JG2n/3VGhJQSxPht07T82XYZYgtpqIgAgwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIzkC7RBMLmmpxsfVlJj+vx8VQJkMB8GA1UdIwQY
MBaAFFCfOR8p2SB4um4sdvqi+K6Uc0PmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUo4NUh5blpJSGk2Yml4Mi1xTDRycFJ6US1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9kNWRkMWEtN2I1OS00NDM1LWFiZGYt
MjhkMGYyMDJlMzZkLzEvak9RTHRFRXd1YWFuR3g5V1VtUDZfSHhWQW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9kNWRkMWEtN2I1OS00NDM1LWFiZGYtMjhkMGYyMDJlMzZk
LzEvVUo4NUh5blpJSGk2Yml4Mi1xTDRycFJ6US1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuYKcAwQC
udbcMBQEAgACMA4DBQMqB2qAAwUDKg3VwDANBgkqhkiG9w0BAQsFAAOCAQEAnj8v
gJPWu6aMfuSfR+pE0YpJuJL51kLWphMxNo6JJQDjbE/bDwg5B8LX5ru+aOmj9wID
+x3Jsbs5wLGCEGahnTUtqCmT5e27FyoKEhcyNmvODvJaIj68lKZEed63xGaQFxJ/
YB+mxmywvzBDKy1ShSRz8fq9iJPPiuBMZMRIcBEm0QAptqXaVsltEmAfqFoAnfKu
S1bFBN3oH1FIlxx9dtKARrwcJEBjMWllgODpDDfDnmix+afrYqLs6O27JIKZeSEp
ad9bKBRyWWOUzqOvIyDbNNxDSU5qUGfeHqNE3qdNQYQ3VpnIppEye7onr4RAKcPk
eHFP4t5BfacmYMgvzg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:52 2023 by rpki-client on console.sobornost.net